Join us for an enlightening evening at the GDG Stuttgart Security Meetup! This event is a perfect opportunity for developers, IT professionals, and cybersecurity enthusiasts to delve into the world of application security. Our featured speaker, Marcel Haag (IT-Security Consultant @ CGI), will guide you through "Catch What E2E Tests Miss: Real-World Security Testing with ZAP" a session that promises to show you how to examine an application while it is running to uncover vulnerabilities in the same way an actual attacker would: Fully automated and seamlessly integrated into your CI/CD pipeline through GitHub Actions.

We are still finalizing our second speaker, ensuring you'll get diverse insights on security practices. Don't miss out on this chance to learn from industry experts and engage with the local tech community. Whether you are a seasoned professional or new to cybersecurity, this meetup is designed to expand your knowledge and networks. Register now to secure your spot and be part of a vibrant community eager to share and grow together!

Marcel Haag (IT-Security Consultant @ CGI)

In modern software projects, it’s no longer enough to rely solely on end-to-end tests to ensure functional correctness. Security must become an integral part of the overall architecture and development workflow.

In this talk, I will show how you can evolve existing E2E testing strategies into a robust approach for Dynamic Application Security Testing (DAST) that makes testing practical, automated, and scalable.

Using ZAP (zaproxy.org), I will demonstrate how running applications can be examined to uncover vulnerabilities in the same way an actual attacker would.

We will walk through how to integrate ZAP into modern CI/CD pipelines and explore how to use the tool within your GitHub Actions workflows to execute security tests seamlessly and reproducibly.

I will also provide hands-on examples of ZAP’s basic, API, and full-scan capabilities, making the session valuable not only for DevOps teams but also for frontend and backend developers looking to test and strengthen the security posture of their applications.

Andreas Falk (Executive Consultant at CGI | iSAQB Certified Architect | CyberSecurity & IAM Expert | Trainer | Public Speaker)

Not finalized yet...

And of course there will be Drinks and Pizza between the talks :)